Data security and communications
Security is our top priority at Cucumber Lighting Controls. Our security measures cover everything from user data all the way to the inter device communication network under Bluetooth Mesh.
User Data
User data in the cloud is stored in data accounts housed in UK-based servers in the Azure ecosystem, which utilise industry-standard authentication and authorisation tools. Access to the user account in the Azure system is protected by two-factor authentication. Data is transferred over SSL (secure socket layer) encryption between the app and the Cloud server.
Data stored in the Cucumber app is protected by secure login to the app; passwords are stored in encrypted format in the app’s internal database and the backend Cloud database. Only users with a Cucumber account who are authorised to access the installation site are allowed to view or modify such data.
Device configuration and network
The Cucumber network only functions after the Cucumber app has configured the devices in the network. The app establishes a unique 128-bit network key and app key within the network, ensuring secure communication. Once set up, devices within the network encrypt messages twice before transmission. This double encryption effectively prevents unauthorised entities from accessing or controlling network nodes.
BLE mesh not only encrypts but also protects against replay attacks. Each BLE mesh message’s Protocol Data Unit (PDU) incorporates a sequence number and initialisation vector index. These unique identifiers ensure that each message is accepted only once, thwarting replay attempts.